Skip to content
This repository has been archived by the owner on Oct 29, 2024. It is now read-only.

1.0.1
Compare
Choose a tag to compare
@vamsii777 vamsii777 released this 06 Jan 20:09
· 18 commits to main since this release
1.0.1
ede89f6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Patch Update 1.0.1: Security Enhancement with Vapor

This patch update (1.0.1) for vapor-oauth integrates Vapor 4.90.0 to address the moderate severity issue of integer overflow in URI parsing, as detailed in GHSA-r6r4-5pr8-gjcp. This vulnerability, identified in versions <= 4.89.3 of Vapor, could lead to potential host spoofing. The upgrade to Vapor 4.90.0 in vapor-oauth mitigates this risk, reinforcing both the security and reliability of the library.

🔒 Security Patch

  • ede89f6 Updated vapor-oauth to incorporate Vapor 4.90.0, resolving URI parsing vulnerability and preventing host spoofing risks.
Assets 2
Loading